Alison Frankel reports:
For years, I’ve been writing about a split among the federal circuits on whether data breach victims can establish a right to sue in federal court merely by showing that they are at increased risk of identity theft. Just a couple of months ago, when the 11th U.S. Circuit Court of Appeals held in Tsao v. Captiva MVP Restaurant Partners that the mere risk of identity theft does not satisfy Article III standing requirements, I pointed out the courts’ acknowledgment that the circuit courts are divided on the question.
But in an important synthesis of appellate precedent on constitutional standing for data breach victims, the 2nd Circuit ruled on Monday in Stevens v. Carlos Lopez that there is actually no split among the circuits, despite reports to the contrary by other circuits.
Read more on Reuters.